New Network Hosts

In this sample example, we monitor and report newfound network hosts.

The NewHosts script might send an alert message like the following:

                                PIKT ALERT
                         Wed Oct 10 22:34:10 2007
                                  vienna

INFO:
    NewHosts
        Report new hosts

        padua.acme.com

The script follows.

#if piktmaster | piktmistress

NewHosts

        init
                status =piktstatus
                level =piktlevel
                task "Report new hosts"
                input proc "=prgdir/rollcall.pl =subnets"
                dat $host 1

        rule
                if ! #defined(%found[$host])
                        output mail $host
                        set #found[$host] = 1
                else
                        set #found[$host] = %found[$host] + 1
                fi

#endif

NewHosts invokes the rollcall.pl Perl script

#!/usr/bin/perl
 
$count = 1;
$timeout = 2;
 
while ($ARGV[0]) {
        $s = $ARGV[0];
        for ($a=0; $a<255; $a++) {
                system("ping -c $count -W $timeout $s\.$a 2>&1 |
                        egrep transmitted | egrep -q \" 0% packet loss\" && echo \"$s.$a\" |
                        xargs nslookup -sil | egrep \"name =\" | awk -F= '{print \$NF}' |
                        sed 's/ //g' | sed 's/\.\$//'");
        }
        shift;
}
 
exit 0;

subnets         10.1.0
                10.1.1
                10.1.2
                10.2.0
                10.2.1
                10.2.253
                10.2.254
                [...]

For more examples, see Samples.